Actionpack Project

actionpack_project

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Actionpack

actionpack

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-22797 2Actionpack Project Rubyonrails 2Actionpack Rails Mar 24, 2025 Feb 9, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only p...Show more An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-22797

2Actionpack Project

Rubyonrails

2Actionpack

Rails

Mar 24, 2025

Feb 9, 2023

N/A· v4

6.1 MEDIUM· v3

N/A· v2

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.Show less